240cf6dd94
* add basic guacamole Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make everything mostly work Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add rac build to CI Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix resize, fix web lint, sendSize correctly Signed-off-by: Jens Langhammer <jens@goauthentik.io> * pre-send connection from client, format Signed-off-by: Jens Langhammer <jens@goauthentik.io> * improve throughput Signed-off-by: Jens Langhammer <jens@goauthentik.io> * cleanup Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rework TokenOutpostConsumer into middleware Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix some layout issues Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add outpost controllers Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start testing audio things Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix a bunch of things Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add deps Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix to work with outpost group Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add simple loadbalancing Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add simple reconnect Signed-off-by: Jens Langhammer <jens@goauthentik.io> * show reconnecting text Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix error when checking ports Signed-off-by: Jens Langhammer <jens@goauthentik.io> * move to providers Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add flow check to interface Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix go lint Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix rac app label Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix audio Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add logging Signed-off-by: Jens Langhammer <jens@goauthentik.io> * cleanup Signed-off-by: Jens Langhammer <jens@goauthentik.io> * allow overriding all settings Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix duplicate keyboard, debug high DPI Signed-off-by: Jens Langhammer <jens@goauthentik.io> * re-add deps Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix lint Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix missing __init__.py breaking model loading I love python Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * bump successful ws connection to info Signed-off-by: Jens Langhammer <jens@goauthentik.io> * hide cursor since guac draws that Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add clipboard support (bidirectional) Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make codespell not want to break the code Signed-off-by: Jens Langhammer <jens@goauthentik.io> * run pr comment in separate task Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start endpoint and property mapping stuff Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more endpoint things Signed-off-by: Jens Langhammer <jens@goauthentik.io> * unrelated: fix event model_pk filtering with ints Signed-off-by: Jens Langhammer <jens@goauthentik.io> * unrelated: improve event display for changelog Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rebuild endpoint stuff again Signed-off-by: Jens Langhammer <jens@goauthentik.io> * idk special url Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more stuff, connect token with session Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add disconnect Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rework disconnect cleanly disconnect from guacd instead of just letting the connection timeout Signed-off-by: Jens Langhammer <jens@goauthentik.io> * clear cache when creating outpost Signed-off-by: Jens Langhammer <jens@goauthentik.io> * support host:port and fix protocol Signed-off-by: Jens Langhammer <jens@goauthentik.io> * center smaller viewport Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rework connection to wait more and stop after some time Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add policy control to endpoints Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove provider protocol Signed-off-by: Jens Langhammer <jens@goauthentik.io> * don't switch to different outpost connection when already chosen Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start using property mappings, add static settings Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add some RAC mapping settings Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix lint Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start adding tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add tests for event changes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add tests and fix issues found by said tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add preview banner, move endpoints to main page Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add locale Signed-off-by: Jens Langhammer <jens@goauthentik.io> * auto-select endpoint if only one is available Signed-off-by: Jens Langhammer <jens@goauthentik.io> * backport https://github.com/goauthentik/authentik/pull/7831 to rac Signed-off-by: Jens Langhammer <jens@goauthentik.io> * dont select property mappings on endpoints Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make table modal only load when opened Signed-off-by: Jens Langhammer <jens@goauthentik.io> * only auto-redirect when open Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix web deps Signed-off-by: Jens Langhammer <jens@goauthentik.io> * check for token expiry and terminate session Signed-off-by: Jens Langhammer <jens@goauthentik.io> * re-add endpoint name to title Signed-off-by: Jens Langhammer <jens@goauthentik.io> * disconnect connection when token is manually deleted Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add initial RAC docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add connection expiry setting to provider Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix flaky tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
104 lines
2.5 KiB
Go
104 lines
2.5 KiB
Go
package connection
|
|
|
|
import (
|
|
"bytes"
|
|
"fmt"
|
|
|
|
"github.com/gorilla/websocket"
|
|
"github.com/wwt/guac"
|
|
)
|
|
|
|
var (
|
|
internalOpcodeIns = []byte(fmt.Sprint(len(guac.InternalDataOpcode), ".", guac.InternalDataOpcode))
|
|
authentikOpcode = []byte("0.authentik.")
|
|
)
|
|
|
|
// MessageReader wraps a websocket connection and only permits Reading
|
|
type MessageReader interface {
|
|
// ReadMessage should return a single complete message to send to guac
|
|
ReadMessage() (int, []byte, error)
|
|
}
|
|
|
|
func (c *Connection) wsToGuacd() {
|
|
w := c.st.AcquireWriter()
|
|
for {
|
|
select {
|
|
default:
|
|
_, data, e := c.ws.ReadMessage()
|
|
if e != nil {
|
|
c.log.WithError(e).Trace("Error reading message from ws")
|
|
c.onError(e)
|
|
return
|
|
}
|
|
if bytes.HasPrefix(data, internalOpcodeIns) {
|
|
if bytes.HasPrefix(data, authentikOpcode) {
|
|
switch string(bytes.Replace(data, authentikOpcode, []byte{}, 1)) {
|
|
case "disconnect":
|
|
_, e := w.Write([]byte(guac.NewInstruction("disconnect").String()))
|
|
c.onError(e)
|
|
return
|
|
}
|
|
}
|
|
// messages starting with the InternalDataOpcode are never sent to guacd
|
|
continue
|
|
}
|
|
|
|
if _, e = w.Write(data); e != nil {
|
|
c.log.WithError(e).Trace("Failed writing to guacd")
|
|
c.onError(e)
|
|
return
|
|
}
|
|
case <-c.ctx.Done():
|
|
return
|
|
}
|
|
}
|
|
}
|
|
|
|
// MessageWriter wraps a websocket connection and only permits Writing
|
|
type MessageWriter interface {
|
|
// WriteMessage writes one or more complete guac commands to the websocket
|
|
WriteMessage(int, []byte) error
|
|
}
|
|
|
|
func (c *Connection) guacdToWs() {
|
|
r := c.st.AcquireReader()
|
|
buf := bytes.NewBuffer(make([]byte, 0, guac.MaxGuacMessage*2))
|
|
for {
|
|
select {
|
|
default:
|
|
ins, e := r.ReadSome()
|
|
if e != nil {
|
|
c.log.WithError(e).Trace("Error reading from guacd")
|
|
c.onError(e)
|
|
return
|
|
}
|
|
|
|
if bytes.HasPrefix(ins, internalOpcodeIns) {
|
|
// messages starting with the InternalDataOpcode are never sent to the websocket
|
|
continue
|
|
}
|
|
|
|
if _, e = buf.Write(ins); e != nil {
|
|
c.log.WithError(e).Trace("Failed to buffer guacd to ws")
|
|
c.onError(e)
|
|
return
|
|
}
|
|
|
|
// if the buffer has more data in it or we've reached the max buffer size, send the data and reset
|
|
if !r.Available() || buf.Len() >= guac.MaxGuacMessage {
|
|
if e = c.ws.WriteMessage(1, buf.Bytes()); e != nil {
|
|
if e == websocket.ErrCloseSent {
|
|
return
|
|
}
|
|
c.log.WithError(e).Trace("Failed sending message to ws")
|
|
c.onError(e)
|
|
return
|
|
}
|
|
buf.Reset()
|
|
}
|
|
case <-c.ctx.Done():
|
|
return
|
|
}
|
|
}
|
|
}
|